1 058b0118 2005-01-03 devnull .TH SECSTORE 1
3 058b0118 2005-01-03 devnull aescbc, secstore, ipso \- secstore commands
4 058b0118 2005-01-03 devnull .SH SYNOPSIS
5 058b0118 2005-01-03 devnull .B secstore
11 058b0118 2005-01-03 devnull .B -(g|G)
12 058b0118 2005-01-03 devnull .I getfile
16 058b0118 2005-01-03 devnull .I putfile
20 058b0118 2005-01-03 devnull .I rmfile
36 058b0118 2005-01-03 devnull .B aescbc
38 058b0118 2005-01-03 devnull .I <cleartext
39 058b0118 2005-01-03 devnull .I >ciphertext
41 058b0118 2005-01-03 devnull .B aescbc
43 058b0118 2005-01-03 devnull .I <ciphertext
44 058b0118 2005-01-03 devnull .I >cleartext
48 058b0118 2005-01-03 devnull .B -a -e -l -f -s
54 058b0118 2005-01-03 devnull .SH DESCRIPTION
56 058b0118 2005-01-03 devnull .I Secstore
57 058b0118 2005-01-03 devnull authenticates to the server
58 058b0118 2005-01-03 devnull using a password and optionally a hardware token,
59 058b0118 2005-01-03 devnull then saves or retrieves a file.
60 058b0118 2005-01-03 devnull This is intended to be a credentials store (public/private keypairs,
61 058b0118 2005-01-03 devnull passwords, and other secrets) for a factotum.
65 058b0118 2005-01-03 devnull stores a file on the secstore.
69 058b0118 2005-01-03 devnull retrieves a file to the local directory;
72 058b0118 2005-01-03 devnull writes it to standard output instead.
73 058b0118 2005-01-03 devnull Specifying
74 058b0118 2005-01-03 devnull .I getfile
75 058b0118 2005-01-03 devnull of . will send to standard output
76 058b0118 2005-01-03 devnull a list of remote files with dates, lengths and SHA1 hashes.
80 058b0118 2005-01-03 devnull removes a file from the secstore.
84 058b0118 2005-01-03 devnull prompts for a password change.
88 058b0118 2005-01-03 devnull produces more verbose output, in particular providing a few
89 058b0118 2005-01-03 devnull bits of feedback to help the user detect mistyping.
93 058b0118 2005-01-03 devnull says that the password should be read from standard input
94 058b0118 2005-01-03 devnull instead of from
95 058b0118 2005-01-03 devnull .BR /dev/cons .
99 058b0118 2005-01-03 devnull says that the password should be read from NVRAM
100 058b0118 2005-01-03 devnull instead of from
101 058b0118 2005-01-03 devnull .BR /dev/cons .
102 058b0118 2005-01-03 devnull This option is unsupported.
104 058b0118 2005-01-03 devnull The server is
105 058b0118 2005-01-03 devnull .BR tcp!$auth!5356 ,
106 058b0118 2005-01-03 devnull or the server specified by option
107 058b0118 2005-01-03 devnull .BR -s .
109 058b0118 2005-01-03 devnull For example, to add a secret to the file read by
110 058b0118 2005-01-03 devnull .IR factotum (4)
111 058b0118 2005-01-03 devnull at startup, open a new window, type
114 058b0118 2005-01-03 devnull % ramfs -p; cd /tmp
115 058b0118 2005-01-03 devnull % auth/secstore -g factotum
116 058b0118 2005-01-03 devnull secstore password:
117 058b0118 2005-01-03 devnull % echo 'key proto=apop dom=x.com user=ehg !password=hi' >> factotum
118 058b0118 2005-01-03 devnull % auth/secstore -p factotum
119 058b0118 2005-01-03 devnull secstore password:
120 058b0118 2005-01-03 devnull % read -m factotum > /mnt/factotum/ctl
123 058b0118 2005-01-03 devnull and delete the window.
124 058b0118 2005-01-03 devnull The first line creates an ephemeral memory-resident workspace,
125 058b0118 2005-01-03 devnull invisible to others and automatically removed when the window is deleted.
126 058b0118 2005-01-03 devnull The next three commands fetch the persistent copy of the secrets,
127 058b0118 2005-01-03 devnull append a new secret,
128 058b0118 2005-01-03 devnull and save the updated file back to secstore.
129 058b0118 2005-01-03 devnull The final command loads the new secret into the running factotum.
133 058b0118 2005-01-03 devnull command packages this sequence into a convenient script to simplify editing of
134 058b0118 2005-01-03 devnull .I files
135 058b0118 2005-01-03 devnull stored on a secure store.
136 058b0118 2005-01-03 devnull It copies the named
137 058b0118 2005-01-03 devnull .I files
138 058b0118 2005-01-03 devnull into a local
139 058b0118 2005-01-03 devnull .IR ramfs (4)
140 058b0118 2005-01-03 devnull and invokes
141 058b0118 2005-01-03 devnull .IR acme (1)
142 058b0118 2005-01-03 devnull on them. When the editor exits,
144 058b0118 2005-01-03 devnull prompts the user to confirm copying modifed or newly created files back to
145 058b0118 2005-01-03 devnull .I secstore.
148 058b0118 2005-01-03 devnull is mentioned,
150 058b0118 2005-01-03 devnull grabs all the user's files from
151 058b0118 2005-01-03 devnull .I secstore
152 058b0118 2005-01-03 devnull for editing.
154 058b0118 2005-01-03 devnull By default, ipso will edit the
155 058b0118 2005-01-03 devnull .I secstore
156 058b0118 2005-01-03 devnull files and, if
157 058b0118 2005-01-03 devnull one of them is named
158 058b0118 2005-01-03 devnull .BR factotum ,
159 058b0118 2005-01-03 devnull flush your current keys from factotum and load
160 058b0118 2005-01-03 devnull the new ones from the file.
161 058b0118 2005-01-03 devnull If you supply any of the
162 058b0118 2005-01-03 devnull .BR -e ,
163 058b0118 2005-01-03 devnull .BR -f ,
166 058b0118 2005-01-03 devnull options,
168 058b0118 2005-01-03 devnull will just perform the operations you requested, i.e.,
169 058b0118 2005-01-03 devnull edit, flush, and/or load.
173 058b0118 2005-01-03 devnull option of
176 058b0118 2005-01-03 devnull .IR sam (1)
177 058b0118 2005-01-03 devnull as the editor insted of
178 058b0118 2005-01-03 devnull .BR acme ;
181 058b0118 2005-01-03 devnull option provides a similar service for files encrypted by
182 058b0118 2005-01-03 devnull .I aescbc
183 058b0118 2005-01-03 devnull .RI ( q.v. ).
184 058b0118 2005-01-03 devnull With the
186 058b0118 2005-01-03 devnull option, the full rooted pathname of the
188 058b0118 2005-01-03 devnull must be specified and all
189 058b0118 2005-01-03 devnull .I files
190 058b0118 2005-01-03 devnull must be encrypted with the same key.
191 058b0118 2005-01-03 devnull Also with
192 058b0118 2005-01-03 devnull .BR -a ,
193 058b0118 2005-01-03 devnull newly created files are ignored.
195 058b0118 2005-01-03 devnull .I Aescbc
196 058b0118 2005-01-03 devnull encrypts and decrypts using AES (Rijndael) in cipher
197 058b0118 2005-01-03 devnull block chaining (CBC) mode.
198 058b0118 2005-01-03 devnull .SH SOURCE
199 058b0118 2005-01-03 devnull .B /usr/local/plan9/src/cmd/secstore
200 058b0118 2005-01-03 devnull .SH SEE ALSO
201 058b0118 2005-01-03 devnull .IR factotum (4),
202 058b0118 2005-01-03 devnull Plan 9's \fIsecstore\fR(8)
203 058b0118 2005-01-03 devnull .SH BUGS
204 058b0118 2005-01-03 devnull There is deliberately no backup of files on the secstore, so
206 058b0118 2005-01-03 devnull (or a disk crash) is irrevocable. You are advised to store
207 058b0118 2005-01-03 devnull important secrets in a second location.
209 058b0118 2005-01-03 devnull When using
210 058b0118 2005-01-03 devnull .IR ipso ,
211 058b0118 2005-01-03 devnull secrets will appear as plain text in the editor window,
212 058b0118 2005-01-03 devnull so use the command in private.